ATLAS-1489 : Show create/edit entity button based on role (Kalyanikashikar via kevalbhatt)

c8f3184f · kevalbhatt · 7f914ab9 · c8f3184f · c8f3184f · c8f3184f
Commit c8f3184f authored Jan 23, 2017 by kevalbhatt
9 changed files
--- a/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java
+++ b/authorization/src/main/java/org/apache/atlas/authorize/simple/AtlasAuthorizationUtils.java
@@ -21,6 +21,10 @@ package org.apache.atlas.authorize.simple;
 import org.apache.atlas.AtlasClient;
 import org.apache.atlas.authorize.AtlasActionTypes;
 import org.apache.atlas.authorize.AtlasResourceTypes;
+import org.apache.atlas.authorize.AtlasAuthorizationException;
+import org.apache.atlas.authorize.AtlasAuthorizer;
+import org.apache.atlas.authorize.AtlasAccessRequest;
+import org.apache.atlas.authorize.AtlasAuthorizerFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -115,7 +119,7 @@ public class AtlasAuthorizationUtils {
                || api.startsWith("graph")) {
            resourceTypes.add(AtlasResourceTypes.OPERATION);
        } else if (api.startsWith("entities") || api.startsWith("lineage") ||
-                api.startsWith("discovery") || api.startsWith("entity")) {
+                api.startsWith("discovery") || api.startsWith("entity")  || api.startsWith("search")) {
            resourceTypes.add(AtlasResourceTypes.ENTITY);
        } else if (api.startsWith("taxonomies")) {
            resourceTypes.add(AtlasResourceTypes.TAXONOMY);
@@ -135,4 +139,23 @@ public class AtlasAuthorizationUtils {
        }
        return resourceTypes;
    }
+    public static boolean isAccessAllowed(AtlasResourceTypes resourcetype, AtlasActionTypes actionType, String userName, Set<String> groups) {
+        AtlasAuthorizer authorizer = null;
+        boolean isaccessAllowed = false;
+        Set<AtlasResourceTypes> resourceTypes = new HashSet<>();
+        resourceTypes.add(resourcetype);
+        AtlasAccessRequest atlasRequest = new AtlasAccessRequest(resourceTypes, "*", actionType, userName, groups);
+        try {
+            authorizer = AtlasAuthorizerFactory.getAtlasAuthorizer();
+            if (authorizer != null) {
+                isaccessAllowed = authorizer.isAccessAllowed(atlasRequest);
+            }
+        } catch (AtlasAuthorizationException e) {
+            LOG.error("Unable to obtain AtlasAuthorizer. ", e);
+        }
+        return isaccessAllowed;
+    }
 }
--- a/dashboardv2/public/js/main.js
+++ b/dashboardv2/public/js/main.js
@@ -174,6 +174,12 @@ require(['App',
            if (response && response['atlas.feature.taxonomy.enable'] !== undefined) {
                Globals.taxonomy = response['atlas.feature.taxonomy.enable']
            }
+            if (response && response['atlas.entity.create.allowed'] !== undefined) {
+                Globals.entityCreate = response['atlas.entity.create.allowed'];
+            }
+            if (response && response['atlas.entity.update.allowed'] !== undefined) {
+                Globals.entityUpdate = response['atlas.entity.update.allowed'];
+            }
            App.start();
        }
    });

--- a/dashboardv2/public/js/templates/detail_page/DetailPageLayoutView_tmpl.html
+++ b/dashboardv2/public/js/templates/detail_page/DetailPageLayoutView_tmpl.html
@@ -22,8 +22,9 @@
        <div class="row">
            <a href="javascript:void(0);" class="backButton" data-id="backButton"><i class="fa fa-chevron-left"></i>  Back To Results</a>
        </div>
-        <h1><span  data-id="title"></span></h1>
+        <h1><span  data-id="title"></span></h1> {{#if entityUpdate}}
        <button data-id="editButton" class="btn btn-default pull-right editbutton" id="editText"><i class="fa fa-pencil"></i></button>
+        {{/if}}
        <div class="tagTerm">
            <span class="tagSpan">Tags:</span>
            <div class="" data-id="tagList">

--- a/dashboardv2/public/js/templates/search/SearchLayoutView_tmpl.html
+++ b/dashboardv2/public/js/templates/search/SearchLayoutView_tmpl.html
@@ -15,17 +15,19 @@
 * limitations under the License.
 -->
 <div class="row row-margin-bottom">
+    {{#if entityCreate}}
    <div class="col-sm-12">
        <button class="btn btn-atlasAction btn-atlas pull-left" data-id="createEntity"><i class="fa fa-plus"></i> Create Entity</button>
    </div>
+    {{/if}}
    <div class="col-sm-12" style="margin:15px 0px;">
        <div class="row">
            <div class="col-md-6">
                <span class="pull-left">Text</span>
                <label class="switch pull-left">
-                   <input type="checkbox" class="switch-input" name="queryType" value="text"/>
+                    <input type="checkbox" class="switch-input" name="queryType" value="text" />
-                   <span class="switch-slider"></span>
+                    <span class="switch-slider"></span>
-                 </label>
+                </label>
                <span class="pull-left">DSL</span>
            </div>
            <div class="col-md-6">

--- a/dashboardv2/public/js/views/detail_page/DetailPageLayoutView.js
+++ b/dashboardv2/public/js/views/detail_page/DetailPageLayoutView.js
@@ -61,15 +61,14 @@ define(['require',
            },
            templateHelpers: function() {
                return {
-                    taxonomy: Globals.taxonomy
+                    taxonomy: Globals.taxonomy,
+                    entityUpdate: Globals.entityUpdate
                };
            },
            /** ui events hash */
            events: function() {
                var events = {};
-                if (Globals.entityCrud) {
+                events["click " + this.ui.editButton] = 'onClickEditEntity';
-                    events["click " + this.ui.editButton] = 'onClickEditEntity';
-                }
                events["click " + this.ui.tagClick] = function(e) {
                    if (e.target.nodeName.toLocaleLowerCase() != "i") {
                        var scope = $(e.currentTarget);

--- a/dashboardv2/public/js/views/search/SearchLayoutView.js
+++ b/dashboardv2/public/js/views/search/SearchLayoutView.js
@@ -21,8 +21,9 @@ define(['require',
    'hbs!tmpl/search/SearchLayoutView_tmpl',
    'collection/VTagList',
    'utils/Utils',
-    'utils/UrlLinks'
+    'utils/UrlLinks',
-], function(require, Backbone, SearchLayoutViewTmpl, VTagList, Utils, UrlLinks) {
+    'utils/Globals',
+], function(require, Backbone, SearchLayoutViewTmpl, VTagList, Utils, UrlLinks, Globals) {
    'use strict';
    var SearchLayoutView = Backbone.Marionette.LayoutView.extend(
@@ -45,6 +46,13 @@ define(['require',
                refreshBtn: '[data-id="refreshBtn"]',
                createEntity: "[data-id='createEntity']",
            },
+            templateHelpers: function() {
+                return {
+                    entityCreate: Globals.entityCreate
+                };
+            },
            /** ui events hash */
            events: function() {
                var events = {},

--- a/dashboardv2/public/js/views/search/SearchResultLayoutView.js
+++ b/dashboardv2/public/js/views/search/SearchResultLayoutView.js
@@ -449,7 +449,7 @@ define(['require',
                                    nameHtml += '<button type="button" title="Deleted" class="btn btn-atlasAction btn-atlas deleteBtn"><i class="fa fa-trash"></i></button>';
                                    return '<div class="readOnly readOnlyLink">' + nameHtml + '</div>';
                                } else {
-                                    if (Globals.entityCrud) {
+                                    if (Globals.entityUpdate) {
                                        nameHtml += '<button title="Edit" data-id="editEntityButton"  data-giud= "' + (model.get('$id$').id || model.get('$id$')) + '" class="btn btn-atlasAction btn-atlas editBtn"><i class="fa fa-pencil"></i></button>'
                                    }
                                    return nameHtml;

--- a/release-log.txt
+++ b/release-log.txt
@@ -9,6 +9,7 @@ ATLAS-1060 Add composite indexes for exact match performance improvements for al
 ATLAS-1127 Modify creation and modification timestamps to Date instead of Long(sumasai)
 ALL CHANGES:
+ATLAS-1489 Show create/edit entity button based on role (Kalyanikashikar via kevalbhatt)
 ATLAS-1478 REST API to add classification to multiple entities (svimal2106 via mneethiraj)
 ATLAS-1490 added methods to get sub-types of entity and classification types (mneethiraj)
 ATLAS-1437 UI update to disallow tag association changes to deleted entities (Kalyanikashikar via mneethiraj)

--- a/webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java
+++ b/webapp/src/main/java/org/apache/atlas/web/resources/AdminResource.java
@@ -20,6 +20,9 @@ package org.apache.atlas.web.resources;
 import com.google.inject.Inject;
 import org.apache.atlas.AtlasClient;
+import org.apache.atlas.authorize.AtlasActionTypes;
+import org.apache.atlas.authorize.AtlasResourceTypes;
+import org.apache.atlas.authorize.simple.AtlasAuthorizationUtils;
 import org.apache.atlas.web.filters.AtlasCSRFPreventionFilter;
 import org.apache.atlas.web.service.ServiceState;
 import org.apache.atlas.web.util.Servlets;
@@ -58,7 +61,8 @@ public class AdminResource {
    private static final String CUSTOM_METHODS_TO_IGNORE_PARAM = "atlas.rest-csrf.methods-to-ignore";
    private static final String CUSTOM_HEADER_PARAM = "atlas.rest-csrf.custom-header";
    private static final String isTaxonomyEnabled = "atlas.feature.taxonomy.enable";
+    private static final String isEntityUpdateAllowed = "atlas.entity.update.allowed";
+    private static final String isEntityCreateAllowed = "atlas.entity.create.allowed";
    private Response version;
    private ServiceState serviceState;
@@ -179,6 +183,8 @@ public class AdminResource {
        try {
            PropertiesConfiguration configProperties = new PropertiesConfiguration("atlas-application.properties");
            Boolean enableTaxonomy = configProperties.getBoolean(isTaxonomyEnabled, false);
+            boolean isEntityUpdateAccessAllowed = false;
+            boolean isEntityCreateAccessAllowed = false;
            Authentication auth = SecurityContextHolder.getContext().getAuthentication();
            String userName = null;
            Set<String> groups = new HashSet<>();
@@ -188,15 +194,21 @@ public class AdminResource {
                for (GrantedAuthority c : authorities) {
                    groups.add(c.getAuthority());
                }
+                isEntityUpdateAccessAllowed = AtlasAuthorizationUtils.isAccessAllowed(AtlasResourceTypes.ENTITY,
+                        AtlasActionTypes.UPDATE, userName, groups);
+                isEntityCreateAccessAllowed = AtlasAuthorizationUtils.isAccessAllowed(AtlasResourceTypes.ENTITY,
+                        AtlasActionTypes.CREATE, userName, groups);
            }
            JSONObject responseData = new JSONObject();
-            responseData.put(isCSRF_ENABLED,  AtlasCSRFPreventionFilter.isCSRF_ENABLED);
+            responseData.put(isCSRF_ENABLED, AtlasCSRFPreventionFilter.isCSRF_ENABLED);
            responseData.put(BROWSER_USER_AGENT_PARAM, AtlasCSRFPreventionFilter.BROWSER_USER_AGENTS_DEFAULT);
            responseData.put(CUSTOM_METHODS_TO_IGNORE_PARAM, AtlasCSRFPreventionFilter.METHODS_TO_IGNORE_DEFAULT);
            responseData.put(CUSTOM_HEADER_PARAM, AtlasCSRFPreventionFilter.HEADER_DEFAULT);
            responseData.put(isTaxonomyEnabled, enableTaxonomy);
+            responseData.put(isEntityUpdateAllowed, isEntityUpdateAccessAllowed);
+            responseData.put(isEntityCreateAllowed, isEntityCreateAccessAllowed);
            responseData.put("userName", userName);
            responseData.put("groups", groups);